Bug#1021771: apache2: Accessing to type-map without .var suffix results 500 and apache2 exits
OK, here is the detailed version of steps to reproduce:
1. Install apache2, apache2-suexec-pristine and libapache2-mpm-itk packages.
2. Disable mpm_event and enable cgid, mpm_prefork and suexec modules.
3. Configure two sites on Apache2.
3-1. For the first one, enable SuexecUserGroup. (000-default in the example)
3-2. For the second one, enable AssignUserID. (001-userid in the example)
4. Enable type-map and CGI on the first site.
5. Place a type-map file whose filename ends with .cgi.var on the first
site. (board.cgi.var in the example)
6. In the type-map file, specify valid URIs to CGI scripts. Also specify
"Content-Type: application/x-httpd-cgi"
7. Using web browser, access to the path to the type-map file on the
first site, without putting .var suffix.
8. You'll see 500 Internal Server Error. Also, apache2 is terminated in
few seconds.
The problems you can confirm in the above steps are two:
- The server responds 500 instead of running CGI correctly.
When you access to the path to the type-map file *with* .var suffix,
CGI is executed correctly.
- The apache2 process is terminated.
This has to be more severe than just returning 500.
This problem doesn't occur if the second site doesn't exist.
In error.log, you'll see errors like below:
[Thu Sep 29 18:32:42.176871 2022] [cgid:error] [pid 209665] (104)Connection reset by peer: AH01248: Error reading request on cgid socket
[Thu Sep 29 18:32:42.177025 2022] [cgid:error] [pid 209704] [client xxx.xxx.xxx.xxx:53380] End of script output before headers: board.cgi
[Thu Sep 29 18:32:43.161802 2022] [cgid:error] [pid 209664] AH01239: cgid daemon process died, restarting
[Thu Sep 29 18:32:44.170387 2022] [mpm_prefork:emerg] [pid 209706] (22)Invalid argument: AH00144: couldn't grab the accept mutex
[Thu Sep 29 18:32:45.170296 2022] [core:alert] [pid 209664] AH00050: Child 209706 returned a Fatal error... Apache is exiting!
Reply to: